Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232392e35372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232392e35372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: KC4SB+S4I6JWjxVPJ6oIUj6dNSp0bI0WxNm+jPBdwdY=
Subject key identifier: F8:B6:0F:E6:34:EA:8E:96:6D:18:0D:E6:0C:38:4B:02:80:B8:80:53
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5087F2FFDB0B388406F7DEA555E4A51AE0192069
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232392e35372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:16 +0000
ROA not before: Sun 27 Oct 2024 20:00:16 +0000
ROA not after: Sun 26 Oct 2025 20:05:16 +0000
asID: 136787
IP address blocks: 185.229.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:87:f2:ff:db:0b:38:84:06:f7:de:a5:55:e4:a5:1a:e0:19:20:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:16 2024 GMT
Not After : Oct 26 20:05:16 2025 GMT
Subject: CN=F8B60FE634EA8E966D180DE60C384B0280B88053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:31:be:f9:b4:22:fe:d6:8e:92:1f:c3:17:2b:
b3:32:72:40:81:eb:db:9e:3d:3e:57:4f:44:d3:6a:
b6:50:0d:94:4d:1e:78:2f:fd:3e:ce:2a:20:f0:a6:
51:d0:2d:09:8f:25:db:a2:81:93:6a:e6:f6:dc:37:
04:3f:53:e7:2c:68:b8:29:69:4d:a4:8f:ea:16:a8:
f0:22:c3:64:0b:5d:3d:5b:3a:83:2e:24:98:77:e8:
3b:ef:e4:94:22:c1:e1:68:ad:3d:7b:f5:24:f5:59:
c9:00:0c:71:36:4b:e2:da:2d:04:4f:d5:33:93:dc:
af:ea:d7:78:9d:2d:96:4c:da:47:28:77:bf:9f:d6:
09:8a:52:18:b9:b5:c2:c9:65:13:2e:f0:02:75:a9:
61:78:9c:51:1b:57:2a:af:74:63:b5:75:3d:55:2d:
19:29:15:db:4f:a0:78:ce:e4:a6:15:86:64:54:5b:
7e:9e:8d:86:82:b1:23:f3:77:de:ce:64:39:ac:6f:
dc:15:07:09:c0:15:31:77:60:a6:b4:d8:96:19:b1:
08:45:27:08:52:5e:27:6e:6d:d4:0a:59:67:aa:a0:
8c:9f:50:d4:b8:79:e7:b3:37:28:be:3b:31:ee:a8:
b8:3d:7c:1a:85:d9:9c:06:4c:4c:8f:1c:40:0d:dc:
55:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B6:0F:E6:34:EA:8E:96:6D:18:0D:E6:0C:38:4B:02:80:B8:80:53
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232392e35372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.57.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:71:85:11:21:a1:a3:97:17:4d:2c:58:2f:5e:52:a1:60:7f:
b7:f8:5c:1e:f8:b3:00:1c:11:82:c0:54:4a:9e:89:e4:0b:a4:
2c:a1:9e:d9:7a:71:36:0e:08:e2:9a:5f:0e:42:83:e8:b2:47:
30:26:0c:1a:cb:a9:21:64:ce:32:5d:55:96:8e:dd:29:73:c8:
0f:f9:03:d5:b2:5b:d1:ef:7a:65:aa:9f:0f:79:7f:07:37:79:
f2:b5:46:ef:65:d5:42:35:5d:8a:8e:b3:b6:2e:c7:1e:fb:0c:
40:e5:2e:a6:e3:eb:92:d5:07:d0:7f:11:94:73:e4:70:b4:21:
10:d3:30:f8:91:ec:54:c4:21:33:8b:bf:4c:64:cc:0c:cb:6c:
c8:bd:2d:b2:a6:94:c7:f6:04:04:96:2e:ac:8a:91:56:b4:b0:
0d:d6:de:32:8e:16:0b:e5:8f:5f:34:fd:fa:a4:c2:3a:23:bd:
b0:b3:20:8e:6c:a0:55:b2:f0:f9:89:a1:ea:99:98:8f:17:9c:
b5:f7:4e:6b:3c:0c:ea:00:a3:0a:52:1a:01:d9:9c:47:67:23:
3e:67:d1:66:10:7e:8a:55:a6:8c:08:7e:15:b3:ea:20:67:0b:
7d:f2:63:60:a6:51:70:11:4c:db:01:6b:dd:8a:8c:85:ab:a3:
d2:bb:83:ff
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUIfy/9sLOIQG996lVeSlGuAZIGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMTZaFw0yNTEwMjYyMDA1MTZaMDMxMTAvBgNV
BAMTKEY4QjYwRkU2MzRFQThFOTY2RDE4MERFNjBDMzg0QjAyODBCODgwNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLMb75tCL+1o6SH8MXK7MyckCB
69uePT5XT0TTarZQDZRNHngv/T7OKiDwplHQLQmPJduigZNq5vbcNwQ/U+csaLgp
aU2kj+oWqPAiw2QLXT1bOoMuJJh36Dvv5JQiweForT179ST1WckADHE2S+LaLQRP
1TOT3K/q13idLZZM2kcod7+f1gmKUhi5tcLJZRMu8AJ1qWF4nFEbVyqvdGO1dT1V
LRkpFdtPoHjO5KYVhmRUW36ejYaCsSPzd97OZDmsb9wVBwnAFTF3YKa02JYZsQhF
JwhSXidubdQKWWeqoIyfUNS4eeezNyi+OzHuqLg9fBqF2ZwGTEyPHEAN3FXZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU+LYP5jTqjpZtGA3mDDhLAoC4gFMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzkyZTM1
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC55TkwDQYJKoZIhvcNAQELBQADggEBABtxhREhoaOXF00sWC9eUqFgf7f4XB74
swAcEYLAVEqeieQLpCyhntl6cTYOCOKaXw5Cg+iyRzAmDBrLqSFkzjJdVZaO3Slz
yA/5A9WyW9HvemWqnw95fwc3efK1Ru9l1UI1XYqOs7Yuxx77DEDlLqbj65LVB9B/
EZRz5HC0IRDTMPiR7FTEITOLv0xkzAzLbMi9LbKmlMf2BASWLqyKkVa0sA3W3jKO
Fgvlj180/fqkwjojvbCzII5soFWy8PmJoeqZmI8XnLX3Tms8DOoAowpSGgHZnEdn
Iz5n0WYQfopVpowIfhWz6iBnC33yY2CmUXARTNsBa92KjIWro9K7g/8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org